<?
/*
Bitsand - a web-based booking system for LRP events
Copyright (C) 2006, 2007 Russell Peter Phillips

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

include ('inc_head_db.php');
include ('inc_admin.php');

//Function to format data from database
function formatdata ($data, $bHTML) {
	$sReturn = stripslashes ($data);
	if ($bHTML)
		$sReturn = htmlentities ($sReturn);
	$sReturn = str_replace ("\n", "; ", $data);
	return $sReturn;
}

if ($_GET ['action'] == 'save') {
	$rowstart = "";
	$cellstart = '"';
	$cellend = '"';
	$separator = ',';
	$rowend = "\n";
	//Send headers to tell browser that this is a CSV file
	header("Content-Type: application/vnd.ms-excel");
	header("Content-Disposition: attachment; filename=players.csv;");
	$bHTML = False;
}
elseif ($_GET ['action'] == 'view') {
	$rowstart = "<tr>";
	$cellstart = '<td>';
	$cellend = '</td>';
	$separator = '';
	$rowend = "</tr>\n";
	include ('inc_head_html.php');
	echo "<h1>" . TITLE . " - All Players</h1>\n";
	echo "<p>\n<a href = 'admin.php'>Admin</a></p>\n";
	echo "<table border = '1'>";
	$bHTML = True;
}
else
	die ("Invalid GET request");

//Get list of players
$key = CRYPT_KEY;
$sql = "SELECT plPlayerID, " .
	"AES_DECRYPT(plAccess, '$key') AS dAccess, " .
	"AES_DECRYPT(plFirstName, '$key') AS dFirstName, " .
	"AES_DECRYPT(plSurname, '$key') AS dSurname, " .
	"AES_DECRYPT(plAddress1, '$key') AS dAddress1, " .
	"AES_DECRYPT(plAddress2, '$key') AS dAddress2, " .
	"AES_DECRYPT(plAddress3, '$key') AS dAddress3, " .
	"AES_DECRYPT(plAddress4, '$key') AS dAddress4, " .
	"AES_DECRYPT(plPostcode, '$key') AS dPostcode, " .
	"AES_DECRYPT(plTelephone, '$key') AS dTelephone, " .
	"AES_DECRYPT(plMobile, '$key') AS dMobile, " .
	"AES_DECRYPT(plEmail, '$key') AS dEmail, " .
	"AES_DECRYPT(plDOB, '$key') AS dDOB, " .
	"AES_DECRYPT(plMedicalInfo, '$key') AS dMedicalInfo, " .
	"AES_DECRYPT(plEmergencyName, '$key') AS dEmergencyName, " .
	"AES_DECRYPT(plEmergencyNumber, '$key') AS dEmergencyNumber, " .
	"AES_DECRYPT(plEmergencyRelationship, '$key') AS dEmergencyRelationship, " .
	"AES_DECRYPT(plCarRegistration, '$key') AS dCarRegistration, " .
	"AES_DECRYPT(plDietary, '$key') AS dDietary, " .
	"AES_DECRYPT(plBookAs, '$key') AS dBookAs " .
	"FROM players ORDER BY dSurname";
$result = mysqli_query ($link, $sql);

//Header row
echo $rowstart . $cellstart . 'PlayerID' . $cellend . $separator;
echo $cellstart . 'First Name' . $cellend . $separator;
echo $cellstart . 'Surname' . $cellend . $separator;
echo $cellstart . 'Address 1' . $cellend . $separator;
echo $cellstart . 'Address 2' . $cellend . $separator;
echo $cellstart . 'Address 3' . $cellend . $separator;
echo $cellstart . 'Address 4' . $cellend . $separator;
echo $cellstart . 'Postcode' . $cellend . $separator;
echo $cellstart . 'Telephone No.' . $cellend . $separator;
echo $cellstart . 'Mobile No.' . $cellend . $separator;
echo $cellstart . 'E-mail' . $cellend . $separator;
echo $cellstart . 'Date of Birth' . $cellend . $separator;
echo $cellstart . 'Medical Info' . $cellend . $separator;
echo $cellstart . 'Emergency Name' . $cellend . $separator;
echo $cellstart . 'Emergency Number' . $cellend . $separator;
echo $cellstart . 'Emergency Relationship' . $cellend . $separator;
echo $cellstart . 'Car Registration' . $cellend . $separator;
echo $cellstart . 'Dietary' . $cellend . $separator;
echo $cellstart . 'Booking As' . $cellend . $separator;
echo $cellstart . 'Access Rights' . $cellend . $rowend;

while ($row = mysqli_fetch_assoc ($result)) {
	echo $rowstart . $cellstart . PID_PREFIX . sprintf ('%03s', $row ['plPlayerID']) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dFirstName'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dSurname'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dAddress1'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dAddress2'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dAddress3'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dAddress4'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dPostcode'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dTelephone'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dMobile'], $bHTML) . $cellend . $separator;
	if ($bHTML === True)
		echo "$cellstart<a href = 'mailto:" . $row ['dEmail'] . "'>" . formatdata ($row ['dEmail'], $bHTML) . "</a>$cellend$separator";
	else
		echo $cellstart . formatdata ($row ['dEmail'], $bHTML) . $cellend . $separator;		
	//Date of birth is stored in YYYYMMDD format - need to decode
	$sDoB = $row ['dDOB'];
	$iDobYear = substr ($sDoB, 0, 4);
	$iMonth = substr ($sDoB, 4, 2);
	$iDate = substr ($sDoB, 6, 2);
	echo $cellstart . "$iDate-$iMonth-$iDobYear" . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dMedicalInfo'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dEmergencyName'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dEmergencyNumber'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dEmergencyRelationship'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dCarRegistration'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dDietary'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dBookAs'], $bHTML) . $cellend . $separator;
	echo $cellstart . formatdata ($row ['dAccess'], $bHTML) . $cellend . $rowend;
}
if ($_GET ['action'] == 'view') {
	echo "</table>\n";
	include ('inc_foot.php');
}
?>
